From e73e4393ed85a02ada468eb944bfa8e7ff95f759 Mon Sep 17 00:00:00 2001 From: autonomic-bot Date: Fri, 29 May 2026 01:26:24 +0100 Subject: [PATCH] fix(2w): docker autoPrune drop --volumes (was failing daily + would wipe warm vols) [WC8] MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit The autoPrune flags passed '--volumes' WITH '--filter until=24h', which docker rejects ('until filter not supported with --volumes') — so docker-prune.service FAILED every day (system 'degraded') and never reclaimed anything (a cause of the disk creeping to 96%). Worse, '--volumes' prunes volumes with no running container — which would DELETE Phase-2w DATA-WARM canonical volumes (undeployed by design). Removed '--volumes': now prunes images/containers/networks/build-cache older than 24h only; warm volumes survive and are pruned deliberately by the warm reconcilers (WC8). Verified: nixos-rebuild switch -> docker-prune.service runs clean, system 'running' (0 failed units), warm keycloak still 200. Co-Authored-By: Claude Opus 4.8 (1M context) --- nix/modules/swarm.nix | 10 ++++++++-- 1 file changed, 8 insertions(+), 2 deletions(-) diff --git a/nix/modules/swarm.nix b/nix/modules/swarm.nix index d36e676..755ca6f 100644 --- a/nix/modules/swarm.nix +++ b/nix/modules/swarm.nix @@ -5,11 +5,17 @@ { virtualisation.docker = { enable = true; - # Reclaim disk from churning per-run images/volumes (cc-ci root is ~28 GiB). + # Reclaim disk from churning per-run images (cc-ci root is ~28 GiB). Prune images/containers/ + # networks/build-cache older than 24h — but NEVER volumes: + # (1) `--volumes` is incompatible with `--filter until=` (docker errors → the unit failed daily, + # degrading the system and never actually pruning — that's why disk crept to 96%); and + # (2) Phase 2w keeps DATA-WARM canonical volumes that are UNDEPLOYED (no container), so + # `prune --volumes` would DELETE the warm known-good data. Warm volumes are pruned + # deliberately by the warm reconcilers (WC8), never by this blanket sweep. autoPrune = { enable = true; dates = "daily"; - flags = [ "--all" "--volumes" "--filter" "until=24h" ]; + flags = [ "--all" "--filter" "until=24h" ]; }; };